All updates
improvements
security
Safer landing scans & smoother signup
Public URL scans are hardened against abuse, and scan results now pre-fill your first project during onboarding.
Improvements
- Scan results pre-fill project name, description, and website URL when you sign up after a landing-page scan
- Landing scan copy now clearly explains it is a static HTML preview, not a full runtime audit
- Register page shows a banner when you arrive with a pending scan
Security
- SSRF protections block localhost, private IPs, and non-standard ports before any fetch runs
- DNS resolution is validated so targets cannot redirect to internal networks
- Redirects are disabled and response bodies are capped at 2 MB
- Rate limits apply per IP — 10 scans per minute and 50 per day